Eric,
> they don't have the priviledge of
>using the define command even if
>they could get to the dollar sign.
Nevertheless! When designing a program which will be installed with any privilege, it is still prudent to always disable any unnecessary privileges as the first executable statement in the program, then enable privileges immediately before they are required and disable them immediately afterward they are used.
If you're running V7.3 or higher, you can use INSTALL/AUTHPRIVILEGE=(BYPASS) to give the image the ability to enable BYPASS, but not have it enabled upon image activation.
If at all possible, use this option instead of INSTALL/PRIVILEGE (but even then, being paranoid about this type of thing, I would STILL strongly recommend having a $SETPRV(NOALL,TMPMBX,NETMBX) as the first executable statement)
Furthermore, you should protect the image so it can only be executed by authorized users. WORLD EXECUTE is NOT good. Use an ACL to limit access to users holding a rights identifier.
Although what you say may be true right now, you don't know if someone is going to add new users with different access rights to the system in future, nor do you know what changes may be made to the program. There are just too many possible ways exploit a privileged image.
All that said, it sounds like your application would be better implemented using a Project Directory (see OpenVMS Guide to System Security, Section 8.8.1.2.2
http://h71000.www7.hp.com/doc/732FINAL/aa-q2hlg-te/00/00/78-con.html#projectaccountssettingup ), or as a "protected subsystem"
http://h71000.www7.hp.com/doc/732FINAL/aa-q2hlg-te/00/01/112-con.html#projectaccountsasprotectedsubsystemsEither of these mechanisms should give you the ability to create a far more precise solution in a much more secure manner, and without the inherent limitations of protected images.
BYPASS and READALL are THERMONUCLEAR hammers. If you find yourself resorting to using them to solve relatively simple problems, you should see big red flags and LOUD alarm bells. Think "huge security hole waiting to be exploited". OpenVMS has a very rich variety of security control mechanisms, please use them to keep your system secure.
A crucible of informative mistakes
